[ OK ] Started Permit User Sessions.
[ OK ] Found device /dev/ttyS0.
[ OK ] Started System Logging Service.
[ OK ] Started getty on tty2-tty6 if dbus and logind are not available.
[ *** ] A start job is running for OpenBSD …Shell server (1min 28s / 2min 45s)
[ ***] A start job is running for OpenBSD …Shell server (1min 28s / 2min 45s)
[ **] A start job is running for OpenBSD …Shell server (1min 29s / 2min 45s)
[ *] A start job is running for OpenBSD …Shell server (1min 30s / 2min 45s)
[ **] A start job is running for OpenBSD …ure Shell server (1min 31s / 3min)
[ OK ] Started OpenBSD Secure Shell server.
[ OK ] Listening on Load/Save RF Kill Switch Status /dev/rfkill Watch.
[ OK ] Started Getty on tty6.
[ OK ] Started Getty on tty5.
[ OK ] Started Getty on tty4.
[ OK ] Started Getty on tty3.
[ OK ] Started Getty on tty2.
[ OK ] Started Getty on tty1.
[ OK ] Started Serial Getty on ttyS0.
[ OK ] Reached target Login Prompts.
[ OK ] Reached target Multi-User System.
[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Update UTMP about System Runlevel Changes.
[ OK ] Started Load/Save RF Kill Switch Status.

Debian GNU/Linux 9 syzkaller ttyS0

Warning: Permanently added '10.128.0.41' (ECDSA) to the list of known hosts.
2021/05/31 17:47:39 fuzzer started
2021/05/31 17:47:40 dialing manager at 10.128.0.169:43151
2021/05/31 17:47:41 syscalls: 3546
2021/05/31 17:47:41 code coverage: enabled
2021/05/31 17:47:41 comparison tracing: enabled
2021/05/31 17:47:41 extra coverage: enabled
2021/05/31 17:47:41 setuid sandbox: enabled
2021/05/31 17:47:41 namespace sandbox: enabled
2021/05/31 17:47:41 Android sandbox: /sys/fs/selinux/policy does not exist
2021/05/31 17:47:41 fault injection: enabled
2021/05/31 17:47:41 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
2021/05/31 17:47:41 net packet injection: enabled
2021/05/31 17:47:41 net device setup: enabled
2021/05/31 17:47:41 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2021/05/31 17:47:41 devlink PCI setup: PCI device 0000:00:10.0 is not available
2021/05/31 17:47:41 USB emulation: enabled
2021/05/31 17:47:41 hci packet injection: enabled
2021/05/31 17:47:41 wifi device emulation: enabled
2021/05/31 17:47:41 802.15.4 emulation: enabled
(executing program) 2021/05/31 17:48:03 fetching corpus: 19550, signal 363003/527535 (executing program) 2021/05/31 17:48:03 fetching corpus: 19600, signal 363305/527535 (executing program) 2021/05/31 17:48:03 fetching corpus: 19650, signal 363535/527535 (executing program) 2021/05/31 17:48:03 fetching corpus: 19700, signal 363795/527535 (executing program) 2021/05/31 17:48:03 fetching corpus: 19750, signal 364106/527535 (executing program) 2021/05/31 17:48:03 fetching corpus: 19800, signal 364481/527535 (executing program) 2021/05/31 17:48:03 fetching corpus: 19850, signal 364842/527535 (executing program) 2021/05/31 17:48:03 fetching corpus: 19900, signal 365395/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 19950, signal 365617/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20000, signal 365818/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20050, signal 366145/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20100, signal 366495/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20150, signal 366763/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20200, signal 367057/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20250, signal 367351/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20300, signal 367521/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20350, signal 367869/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20400, signal 368189/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20450, signal 368531/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20500, signal 368795/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20550, signal 369144/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20600, signal 369454/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20650, signal 369794/527535 (executing program) 2021/05/31 17:48:04 
fetching corpus: 20700, signal 370229/527535 (executing program) 2021/05/31 17:48:04 fetching corpus: 20750, signal 370579/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 20800, signal 370874/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 20850, signal 371467/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 20900, signal 371822/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 20950, signal 372048/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 21000, signal 372339/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 21050, signal 372840/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 21100, signal 373107/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 21150, signal 373577/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 21200, signal 373956/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 21250, signal 374237/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 21300, signal 374456/527535 (executing program) 2021/05/31 17:48:05 fetching corpus: 21350, signal 374757/527537 (executing program) 2021/05/31 17:48:05 fetching corpus: 21400, signal 375011/527537 (executing program) 2021/05/31 17:48:05 fetching corpus: 21450, signal 375245/527537 (executing program) 2021/05/31 17:48:05 fetching corpus: 21500, signal 375493/527537 (executing program) 2021/05/31 17:48:05 fetching corpus: 21550, signal 375747/527537 (executing program) 2021/05/31 17:48:05 fetching corpus: 21600, signal 378138/527537 (executing program) 2021/05/31 17:48:05 fetching corpus: 21650, signal 378350/527537 (executing program) 2021/05/31 17:48:05 fetching corpus: 21700, signal 378635/527537 (executing program) 2021/05/31 17:48:05 fetching corpus: 21750, signal 379013/527537 (executing program) 2021/05/31 17:48:05 fetching corpus: 21800, signal 379343/527537 (executing program) 2021/05/31 17:48:05 fetching corpus: 21850, signal 379646/527537 
(executing program) 2021/05/31 17:48:06 fetching corpus: 21900, signal 379889/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 21950, signal 380270/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22000, signal 380687/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22050, signal 381039/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22100, signal 381344/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22150, signal 381620/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22200, signal 381873/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22250, signal 382211/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22300, signal 382473/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22350, signal 382780/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22400, signal 383059/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22450, signal 383265/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22500, signal 383456/527537 (executing program) 2021/05/31 17:48:06 fetching corpus: 22550, signal 383696/527539 (executing program) 2021/05/31 17:48:06 fetching corpus: 22600, signal 384124/527539 (executing program) 2021/05/31 17:48:06 fetching corpus: 22650, signal 384510/527539 (executing program) 2021/05/31 17:48:06 fetching corpus: 22700, signal 384798/527539 (executing program) 2021/05/31 17:48:06 fetching corpus: 22750, signal 385045/527539 (executing program) 2021/05/31 17:48:06 fetching corpus: 22800, signal 385249/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 22850, signal 385470/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 22900, signal 385911/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 22950, signal 386210/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23000, signal 386446/527539 (executing program) 2021/05/31 17:48:07 
fetching corpus: 23050, signal 386998/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23100, signal 387254/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23150, signal 387587/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23200, signal 387840/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23250, signal 388214/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23300, signal 388471/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23350, signal 388674/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23400, signal 388920/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23450, signal 389309/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23500, signal 389571/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23550, signal 389854/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23600, signal 390260/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23650, signal 390491/527539 (executing program) 2021/05/31 17:48:07 fetching corpus: 23700, signal 390799/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 23750, signal 391079/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 23800, signal 391268/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 23850, signal 391631/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 23900, signal 391983/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 23950, signal 392312/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24000, signal 392688/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24050, signal 392911/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24100, signal 393170/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24150, signal 393394/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24200, signal 393666/527539 
(executing program) 2021/05/31 17:48:08 fetching corpus: 24250, signal 393886/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24300, signal 394190/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24350, signal 394541/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24400, signal 394879/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24450, signal 395159/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24500, signal 395415/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24550, signal 395790/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24600, signal 396080/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24650, signal 396402/527539 (executing program) 2021/05/31 17:48:08 fetching corpus: 24700, signal 396683/527539 (executing program) 2021/05/31 17:48:09 fetching corpus: 24750, signal 397012/527539 (executing program) 2021/05/31 17:48:09 fetching corpus: 24800, signal 397359/527539 (executing program) 2021/05/31 17:48:09 fetching corpus: 24850, signal 397882/527539 (executing program) 2021/05/31 17:48:09 fetching corpus: 24900, signal 398127/527539 (executing program) 2021/05/31 17:48:09 fetching corpus: 24950, signal 398296/527539 (executing program) 2021/05/31 17:48:09 fetching corpus: 25000, signal 398590/527539 (executing program) 2021/05/31 17:48:09 fetching corpus: 25050, signal 398868/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25100, signal 399126/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25150, signal 399383/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25200, signal 399586/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25250, signal 399802/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25300, signal 400065/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25350, signal 400288/527540 (executing program) 2021/05/31 17:48:09 
fetching corpus: 25400, signal 400703/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25450, signal 401046/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25500, signal 401358/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25550, signal 401621/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25600, signal 401958/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25650, signal 402126/527540 (executing program) 2021/05/31 17:48:09 fetching corpus: 25700, signal 402357/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 25750, signal 402817/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 25800, signal 403078/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 25850, signal 403484/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 25900, signal 403689/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 25950, signal 403957/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 26000, signal 404118/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 26050, signal 404503/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 26100, signal 404737/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 26150, signal 405110/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 26200, signal 405353/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 26250, signal 405589/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 26300, signal 405852/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 26350, signal 406306/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 26400, signal 406490/527540 (executing program) 2021/05/31 17:48:10 fetching corpus: 26450, signal 406759/527542 (executing program) 2021/05/31 17:48:10 fetching corpus: 26500, signal 406971/527542 (executing program) 2021/05/31 17:48:10 fetching corpus: 26550, signal 407228/527542 
(executing program) 2021/05/31 17:48:10 fetching corpus: 26600, signal 407446/527542 (executing program) 2021/05/31 17:48:10 fetching corpus: 26650, signal 407678/527542 (executing program) 2021/05/31 17:48:10 fetching corpus: 26700, signal 407965/527542 (executing program) 2021/05/31 17:48:10 fetching corpus: 26750, signal 408180/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 26800, signal 408351/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 26850, signal 408608/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 26900, signal 408893/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 26950, signal 409219/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27000, signal 409624/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27050, signal 409897/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27100, signal 410143/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27150, signal 410450/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27200, signal 410712/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27250, signal 411004/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27300, signal 411232/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27350, signal 411461/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27400, signal 411709/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27450, signal 411995/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27500, signal 412195/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27550, signal 412372/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27600, signal 412598/527542 (executing program) 2021/05/31 17:48:11 fetching corpus: 27650, signal 412828/527542 (executing program) 2021/05/31 17:48:12 fetching corpus: 27700, signal 413075/527542 (executing program) 2021/05/31 17:48:12 
fetching corpus: 27750, signal 413294/527542 (executing program) 2021/05/31 17:48:12 fetching corpus: 27800, signal 413660/527542 (executing program) 2021/05/31 17:48:12 fetching corpus: 27850, signal 413895/527542 (executing program) 2021/05/31 17:48:12 fetching corpus: 27900, signal 414178/527542 (executing program) 2021/05/31 17:48:12 fetching corpus: 27950, signal 414400/527542 (executing program) 2021/05/31 17:48:12 fetching corpus: 28000, signal 414608/527542 (executing program) 2021/05/31 17:48:12 fetching corpus: 28050, signal 414846/527542 (executing program) 2021/05/31 17:48:12 fetching corpus: 28100, signal 415056/527542 (executing program) 2021/05/31 17:48:12 fetching corpus: 28150, signal 415264/527542 (executing program) 2021/05/31 17:48:12 fetching corpus: 28200, signal 415474/527547 (executing program) 2021/05/31 17:48:12 fetching corpus: 28250, signal 415872/527548 (executing program) 2021/05/31 17:48:12 fetching corpus: 28300, signal 417028/527548 (executing program) 2021/05/31 17:48:12 fetching corpus: 28350, signal 417233/527548 (executing program) 2021/05/31 17:48:12 fetching corpus: 28400, signal 417485/527551 (executing program) 2021/05/31 17:48:12 fetching corpus: 28450, signal 418065/527551 (executing program) 2021/05/31 17:48:12 fetching corpus: 28500, signal 418288/527551 (executing program) 2021/05/31 17:48:12 fetching corpus: 28550, signal 418488/527551 (executing program) 2021/05/31 17:48:12 fetching corpus: 28600, signal 418744/527551 (executing program) 2021/05/31 17:48:12 fetching corpus: 28650, signal 419028/527551 (executing program) 2021/05/31 17:48:12 fetching corpus: 28700, signal 419322/527551 (executing program) 2021/05/31 17:48:12 fetching corpus: 28750, signal 419532/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 28800, signal 419795/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 28850, signal 420028/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 28900, signal 420331/527551 
(executing program) 2021/05/31 17:48:13 fetching corpus: 28950, signal 420814/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29000, signal 421101/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29050, signal 421287/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29100, signal 421803/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29150, signal 421985/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29200, signal 422290/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29250, signal 422614/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29300, signal 422801/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29350, signal 423065/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29400, signal 423242/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29450, signal 423569/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29500, signal 423839/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29550, signal 424001/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29600, signal 424285/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29650, signal 424516/527551 (executing program) 2021/05/31 17:48:13 fetching corpus: 29700, signal 424687/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 29750, signal 424961/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 29800, signal 425243/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 29850, signal 425437/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 29900, signal 425615/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 29950, signal 425829/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 30000, signal 426036/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 30050, signal 426288/527551 (executing program) 2021/05/31 17:48:14 
fetching corpus: 30100, signal 426747/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 30150, signal 426894/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 30200, signal 427108/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 30250, signal 427536/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 30300, signal 427726/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 30350, signal 428102/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 30400, signal 428283/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 30450, signal 428512/527551 (executing program) 2021/05/31 17:48:14 fetching corpus: 30500, signal 428838/527551 (executing program) 2021/05/31 17:48:15 fetching corpus: 30550, signal 429128/527551 (executing program) 2021/05/31 17:48:15 fetching corpus: 30600, signal 429349/527551 (executing program) 2021/05/31 17:48:15 fetching corpus: 30650, signal 429600/527551 (executing program) 2021/05/31 17:48:15 fetching corpus: 30700, signal 429931/527551 (executing program) 2021/05/31 17:48:15 fetching corpus: 30750, signal 430124/527551 (executing program) 2021/05/31 17:48:15 fetching corpus: 30800, signal 430361/527551 (executing program) 2021/05/31 17:48:15 fetching corpus: 30850, signal 430575/527551 (executing program) 2021/05/31 17:48:15 fetching corpus: 30900, signal 430765/527551 (executing program) 2021/05/31 17:48:15 fetching corpus: 30950, signal 431060/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31000, signal 431293/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31050, signal 431529/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31100, signal 431747/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31150, signal 431956/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31200, signal 432213/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31250, signal 432445/527553 
(executing program) 2021/05/31 17:48:15 fetching corpus: 31300, signal 432648/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31350, signal 432800/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31400, signal 432957/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31450, signal 433245/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31500, signal 433476/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31550, signal 433643/527553 (executing program) 2021/05/31 17:48:15 fetching corpus: 31600, signal 433856/527553 (executing program) 2021/05/31 17:48:16 fetching corpus: 31650, signal 434086/527553 (executing program) 2021/05/31 17:48:16 fetching corpus: 31700, signal 434378/527553 (executing program) 2021/05/31 17:48:16 fetching corpus: 31750, signal 434583/527553 (executing program) 2021/05/31 17:48:16 fetching corpus: 31800, signal 434985/527553 (executing program) 2021/05/31 17:48:16 fetching corpus: 31850, signal 435125/527553 (executing program) 2021/05/31 17:48:16 fetching corpus: 31900, signal 435423/527553 (executing program) 2021/05/31 17:48:16 fetching corpus: 31950, signal 435965/527556 (executing program) 2021/05/31 17:48:16 fetching corpus: 32000, signal 436226/527556 (executing program) 2021/05/31 17:48:16 fetching corpus: 32050, signal 436406/527558 (executing program) 2021/05/31 17:48:16 fetching corpus: 32100, signal 436568/527558 (executing program) 2021/05/31 17:48:16 fetching corpus: 32150, signal 436728/527558 (executing program) 2021/05/31 17:48:16 fetching corpus: 32200, signal 437042/527558 (executing program) 2021/05/31 17:48:16 fetching corpus: 32250, signal 437333/527558 (executing program) 2021/05/31 17:48:16 fetching corpus: 32300, signal 437553/527558 (executing program) 2021/05/31 17:48:16 fetching corpus: 32350, signal 437871/527559 (executing program) 2021/05/31 17:48:16 fetching corpus: 32400, signal 438124/527559 (executing program) 2021/05/31 17:48:16 
fetching corpus: 32450, signal 438292/527559 (executing program) 2021/05/31 17:48:16 fetching corpus: 32500, signal 438446/527559 (executing program) 2021/05/31 17:48:16 fetching corpus: 32550, signal 438621/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 32600, signal 438837/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 32650, signal 439016/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 32700, signal 439232/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 32750, signal 439402/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 32800, signal 439541/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 32850, signal 439807/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 32900, signal 439978/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 32950, signal 440672/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33000, signal 440856/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33050, signal 441084/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33100, signal 441272/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33150, signal 441419/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33200, signal 441609/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33250, signal 441836/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33300, signal 442013/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33350, signal 442439/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33400, signal 442601/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33450, signal 442826/527559 (executing program) 2021/05/31 17:48:17 fetching corpus: 33500, signal 443275/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 33550, signal 443677/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 33600, signal 443870/527559 
(executing program) 2021/05/31 17:48:18 fetching corpus: 33650, signal 444082/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 33700, signal 444280/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 33750, signal 444461/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 33800, signal 444683/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 33850, signal 444885/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 33900, signal 445100/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 33950, signal 445316/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 34000, signal 445457/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 34050, signal 445794/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 34100, signal 445946/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 34150, signal 446253/527559 (executing program) 2021/05/31 17:48:18 fetching corpus: 34200, signal 446402/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34250, signal 446733/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34300, signal 446908/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34350, signal 447319/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34400, signal 447473/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34450, signal 447676/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34500, signal 447884/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34550, signal 448019/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34600, signal 448164/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34650, signal 448304/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34700, signal 448469/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34750, signal 448617/527559 (executing program) 2021/05/31 17:48:19 
fetching corpus: 34800, signal 448839/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34850, signal 449024/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34900, signal 449242/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 34950, signal 449464/527559 (executing program) 2021/05/31 17:48:19 fetching corpus: 35000, signal 449680/527559 (executing program) 2021/05/31 17:48:20 fetching corpus: 35050, signal 450007/527559 (executing program) 2021/05/31 17:48:20 fetching corpus: 35100, signal 450191/527559 (executing program) 2021/05/31 17:48:20 fetching corpus: 35150, signal 450402/527559 (executing program) 2021/05/31 17:48:20 fetching corpus: 35200, signal 450559/527559 (executing program) 2021/05/31 17:48:20 fetching corpus: 35250, signal 450717/527559 (executing program) 2021/05/31 17:48:20 fetching corpus: 35300, signal 450901/527559 (executing program) 2021/05/31 17:48:20 fetching corpus: 35350, signal 451054/527559 (executing program) 2021/05/31 17:48:20 fetching corpus: 35400, signal 451248/527559 (executing program) 2021/05/31 17:48:20 fetching corpus: 35450, signal 451429/527561 (executing program) 2021/05/31 17:48:20 fetching corpus: 35500, signal 451683/527561 (executing program) 2021/05/31 17:48:20 fetching corpus: 35550, signal 451795/527561 (executing program) 2021/05/31 17:48:20 fetching corpus: 35600, signal 451906/527561 (executing program) 2021/05/31 17:48:20 fetching corpus: 35650, signal 452097/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 35700, signal 452301/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 35750, signal 452529/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 35800, signal 452658/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 35850, signal 452867/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 35900, signal 453084/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 35950, signal 453251/527561 
(executing program) 2021/05/31 17:48:21 fetching corpus: 36000, signal 453405/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36050, signal 453622/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36100, signal 453766/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36150, signal 454082/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36200, signal 454253/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36250, signal 454410/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36300, signal 454599/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36350, signal 454756/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36400, signal 454923/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36450, signal 455141/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36500, signal 455370/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36550, signal 455562/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36600, signal 455777/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36650, signal 455926/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36700, signal 456083/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36750, signal 456241/527561 (executing program) 2021/05/31 17:48:21 fetching corpus: 36800, signal 456406/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 36850, signal 456597/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 36900, signal 456780/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 36950, signal 456982/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37000, signal 457227/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37050, signal 457437/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37100, signal 457763/527561 (executing program) 2021/05/31 17:48:22 
fetching corpus: 37150, signal 458041/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37200, signal 458247/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37250, signal 458415/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37300, signal 458559/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37350, signal 458696/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37400, signal 458901/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37450, signal 459054/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37500, signal 459225/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37550, signal 459350/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37600, signal 459555/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37650, signal 459749/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37700, signal 459923/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37750, signal 460233/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37800, signal 460404/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37850, signal 460600/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37900, signal 460733/527561 (executing program) 2021/05/31 17:48:22 fetching corpus: 37950, signal 460871/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38000, signal 461056/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38050, signal 461228/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38100, signal 461535/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38150, signal 461697/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38200, signal 461882/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38250, signal 462032/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38300, signal 462252/527561 
(executing program) 2021/05/31 17:48:23 fetching corpus: 38350, signal 462501/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38400, signal 462653/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38450, signal 462775/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38500, signal 462955/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38550, signal 463195/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38600, signal 463428/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38650, signal 463632/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38700, signal 463969/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38750, signal 464121/527561 (executing program) 2021/05/31 17:48:23 fetching corpus: 38800, signal 464361/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 38850, signal 465235/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 38900, signal 465398/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 38950, signal 465529/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39000, signal 465684/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39050, signal 465909/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39100, signal 466158/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39150, signal 466451/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39200, signal 466571/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39250, signal 466745/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39300, signal 466946/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39350, signal 467134/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39400, signal 467313/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39450, signal 467489/527561 (executing program) 2021/05/31 17:48:24 
fetching corpus: 39500, signal 467670/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39550, signal 467869/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39600, signal 468146/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39650, signal 468381/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39700, signal 468587/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39750, signal 468739/527561 (executing program) 2021/05/31 17:48:24 fetching corpus: 39800, signal 468891/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 39850, signal 469045/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 39900, signal 469389/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 39950, signal 469753/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40000, signal 469969/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40050, signal 470116/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40100, signal 470280/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40150, signal 470454/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40200, signal 470601/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40250, signal 470853/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40300, signal 471123/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40350, signal 471256/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40400, signal 471465/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40450, signal 471598/527561 (executing program) 2021/05/31 17:48:25 fetching corpus: 40500, signal 471807/527563 (executing program) 2021/05/31 17:48:25 fetching corpus: 40550, signal 472036/527563 (executing program) 2021/05/31 17:48:25 fetching corpus: 40600, signal 472331/527564 (executing program) 2021/05/31 17:48:25 fetching corpus: 40650, signal 472536/527564 
(executing program) 2021/05/31 17:48:25 fetching corpus: 40700, signal 472707/527564 (executing program) 2021/05/31 17:48:25 fetching corpus: 40750, signal 472942/527564 (executing program) 2021/05/31 17:48:25 fetching corpus: 40800, signal 473116/527564 (executing program) 2021/05/31 17:48:25 fetching corpus: 40850, signal 473255/527564 (executing program) 2021/05/31 17:48:26 fetching corpus: 40900, signal 473466/527564 (executing program) 2021/05/31 17:48:26 fetching corpus: 40950, signal 473610/527564 (executing program) 2021/05/31 17:48:26 fetching corpus: 41000, signal 473903/527564 (executing program) 2021/05/31 17:48:26 fetching corpus: 41050, signal 474045/527564 (executing program) 2021/05/31 17:48:26 fetching corpus: 41100, signal 474200/527564 (executing program) 2021/05/31 17:48:26 fetching corpus: 41150, signal 474358/527564 (executing program) 2021/05/31 17:48:26 fetching corpus: 41200, signal 474530/527564 (executing program) 2021/05/31 17:48:26 fetching corpus: 41250, signal 474781/527564 (executing program) 2021/05/31 17:48:26 fetching corpus: 41300, signal 475109/527566 (executing program) 2021/05/31 17:48:26 fetching corpus: 41350, signal 475745/527566 (executing program) 2021/05/31 17:48:26 fetching corpus: 41400, signal 475863/527566 (executing program) 2021/05/31 17:48:26 fetching corpus: 41450, signal 476114/527566 (executing program) 2021/05/31 17:48:26 fetching corpus: 41500, signal 476335/527569 (executing program) 2021/05/31 17:48:26 fetching corpus: 41550, signal 476600/527569 (executing program) 2021/05/31 17:48:26 fetching corpus: 41600, signal 476739/527569 (executing program) 2021/05/31 17:48:26 fetching corpus: 41650, signal 476912/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 41700, signal 477037/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 41750, signal 477164/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 41800, signal 477351/527569 (executing program) 2021/05/31 17:48:27 
fetching corpus: 41850, signal 477602/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 41900, signal 477719/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 41950, signal 477857/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 42000, signal 477966/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 42050, signal 478270/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 42100, signal 478407/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 42150, signal 478719/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 42200, signal 478938/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 42250, signal 479186/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 42300, signal 479340/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 42350, signal 479476/527569 (executing program) 2021/05/31 17:48:27 fetching corpus: 42400, signal 479664/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42450, signal 479923/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42500, signal 480076/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42550, signal 480224/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42600, signal 480407/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42650, signal 480547/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42700, signal 480724/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42750, signal 480922/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42800, signal 481101/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42850, signal 481297/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42900, signal 481445/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 42950, signal 481584/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 43000, signal 481759/527569 
(executing program) 2021/05/31 17:48:28 fetching corpus: 43050, signal 481917/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 43100, signal 482227/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 43150, signal 482340/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 43200, signal 482556/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 43250, signal 482703/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 43300, signal 482953/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 43350, signal 483126/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 43400, signal 483283/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 43450, signal 483520/527569 (executing program) 2021/05/31 17:48:28 fetching corpus: 43500, signal 483712/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 43550, signal 483900/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 43600, signal 484071/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 43650, signal 484270/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 43700, signal 484477/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 43750, signal 484672/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 43800, signal 484949/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 43850, signal 485175/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 43900, signal 485352/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 43950, signal 485553/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 44000, signal 485697/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 44050, signal 485891/527569 (executing program) 2021/05/31 17:48:29 fetching corpus: 44100, signal 486051/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44150, signal 486216/527589 (executing program) 2021/05/31 17:48:30 
fetching corpus: 44200, signal 486333/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44250, signal 486453/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44300, signal 486627/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44350, signal 486815/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44400, signal 486993/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44450, signal 487165/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44500, signal 487324/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44550, signal 487488/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44600, signal 487676/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44650, signal 487893/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44700, signal 488068/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44750, signal 488214/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44800, signal 488380/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44850, signal 488551/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44900, signal 488684/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 44950, signal 488976/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 45000, signal 489129/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 45050, signal 489305/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 45100, signal 489467/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 45150, signal 489666/527589 (executing program) 2021/05/31 17:48:30 fetching corpus: 45200, signal 489834/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45250, signal 490081/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45300, signal 490309/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45350, signal 490442/527589 
(executing program) 2021/05/31 17:48:31 fetching corpus: 45400, signal 490647/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45450, signal 490806/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45500, signal 490986/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45550, signal 491151/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45600, signal 491538/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45650, signal 491717/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45700, signal 491882/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45750, signal 491995/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45800, signal 492190/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45850, signal 492324/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45900, signal 492472/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 45950, signal 492713/527589 (executing program) 2021/05/31 17:48:31 fetching corpus: 46000, signal 492828/527589 (executing program) 2021/05/31 17:48:32 fetching corpus: 46050, signal 493042/527589 (executing program) 2021/05/31 17:48:32 fetching corpus: 46100, signal 493235/527589 (executing program) 2021/05/31 17:48:32 fetching corpus: 46150, signal 493367/527589 (executing program) 2021/05/31 17:48:32 fetching corpus: 46200, signal 493614/527589 (executing program) 2021/05/31 17:48:32 fetching corpus: 46250, signal 493836/527589 (executing program) 2021/05/31 17:48:32 fetching corpus: 46300, signal 493995/527589 (executing program) 2021/05/31 17:48:32 fetching corpus: 46350, signal 494181/527589 (executing program) 2021/05/31 17:48:32 fetching corpus: 46400, signal 494414/527589 (executing program) 2021/05/31 17:48:32 fetching corpus: 46450, signal 494577/527591 (executing program) 2021/05/31 17:48:32 fetching corpus: 46500, signal 494717/527591 (executing program) 2021/05/31 17:48:32 
fetching corpus: 46550, signal 494836/527624 (executing program) 2021/05/31 17:48:32 fetching corpus: 46600, signal 494987/527624 (executing program) 2021/05/31 17:48:32 fetching corpus: 46650, signal 495184/527624 (executing program) 2021/05/31 17:48:32 fetching corpus: 46700, signal 495582/527624 (executing program) 2021/05/31 17:48:32 fetching corpus: 46750, signal 495751/527624 (executing program) 2021/05/31 17:48:32 fetching corpus: 46800, signal 495977/527624 (executing program) 2021/05/31 17:48:32 fetching corpus: 46850, signal 496129/527624 (executing program) 2021/05/31 17:48:32 fetching corpus: 46900, signal 496296/527624 (executing program) 2021/05/31 17:48:33 fetching corpus: 46950, signal 496469/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47000, signal 496588/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47050, signal 496794/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47100, signal 496936/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47150, signal 497121/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47200, signal 497274/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47250, signal 497467/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47300, signal 497645/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47350, signal 497818/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47400, signal 497949/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47450, signal 498125/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47500, signal 498306/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47550, signal 498457/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47600, signal 498590/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47650, signal 498727/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47700, signal 498848/527625 
(executing program) 2021/05/31 17:48:33 fetching corpus: 47750, signal 498995/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47800, signal 499131/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47850, signal 499265/527625 (executing program) 2021/05/31 17:48:33 fetching corpus: 47900, signal 499401/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 47950, signal 499647/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48000, signal 499908/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48050, signal 500027/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48100, signal 500208/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48150, signal 500405/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48200, signal 500531/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48250, signal 500668/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48300, signal 500794/527625 (executing program) syzkaller login: [ 202.657583][ T3130] ieee802154 phy0 wpan0: encryption failed: -22 [ 202.664122][ T3130] ieee802154 phy1 wpan1: encryption failed: -22 2021/05/31 17:48:34 fetching corpus: 48350, signal 500963/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48400, signal 501286/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48450, signal 501480/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48500, signal 501649/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48550, signal 501763/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48600, signal 501930/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48650, signal 502097/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48700, signal 502233/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48750, signal 502355/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 
48800, signal 502491/527625 (executing program) 2021/05/31 17:48:34 fetching corpus: 48850, signal 502645/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 48900, signal 502862/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 48950, signal 503039/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 49000, signal 503187/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 49050, signal 503300/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 49100, signal 503446/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 49150, signal 503593/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 49200, signal 503737/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 49250, signal 503947/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 49300, signal 504079/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 49350, signal 504203/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 49400, signal 504389/527625 (executing program) 2021/05/31 17:48:35 fetching corpus: 49450, signal 504521/527626 (executing program) 2021/05/31 17:48:35 fetching corpus: 49500, signal 504800/527626 (executing program) 2021/05/31 17:48:35 fetching corpus: 49550, signal 505083/527626 (executing program) 2021/05/31 17:48:35 fetching corpus: 49600, signal 505543/527626 (executing program) 2021/05/31 17:48:35 fetching corpus: 49650, signal 505691/527626 (executing program) 2021/05/31 17:48:35 fetching corpus: 49700, signal 505840/527626 (executing program) 2021/05/31 17:48:35 fetching corpus: 49750, signal 506050/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 49800, signal 506208/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 49850, signal 506381/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 49900, signal 506556/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 49950, signal 506727/527626 (executing 
program) 2021/05/31 17:48:36 fetching corpus: 50000, signal 507162/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 50050, signal 507305/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 50100, signal 507461/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 50150, signal 507711/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 50200, signal 507885/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 50250, signal 508030/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 50300, signal 508205/527626 (executing program) 2021/05/31 17:48:36 fetching corpus: 50350, signal 508328/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50400, signal 508490/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50450, signal 508637/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50500, signal 508804/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50550, signal 508913/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50600, signal 509042/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50650, signal 509180/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50700, signal 509320/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50750, signal 509445/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50800, signal 509623/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50850, signal 509746/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50900, signal 509906/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 50950, signal 510164/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 51000, signal 510321/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 51050, signal 510481/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 51100, signal 510637/527626 (executing program) 2021/05/31 17:48:37 fetching 
corpus: 51150, signal 510759/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 51200, signal 511003/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 51250, signal 511178/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 51300, signal 511294/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 51350, signal 511498/527626 (executing program) 2021/05/31 17:48:37 fetching corpus: 51400, signal 511622/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51450, signal 511776/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51500, signal 511989/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51550, signal 512110/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51600, signal 512305/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51650, signal 512409/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51700, signal 512585/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51750, signal 512706/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51800, signal 512821/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51850, signal 512922/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51900, signal 513100/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51950, signal 513223/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51963, signal 513258/527626 (executing program) 2021/05/31 17:48:38 fetching corpus: 51963, signal 513258/527626 (executing program) 2021/05/31 17:48:40 starting 6 fuzzer processes 17:48:45 executing program 0: syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 
0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36) [ 215.779908][ T8232] IPVS: ftp: loaded support on port[0] = 21 [ 216.267987][ T8232] chnl_net:caif_netlink_parms(): no params data found [ 216.427662][ T8232] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.435310][ T8232] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.445100][ T8232] device bridge_slave_0 entered promiscuous mode [ 216.463995][ T8232] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.471541][ T8232] bridge0: port 2(bridge_slave_1) entered disabled state [ 216.481291][ T8232] device bridge_slave_1 entered promiscuous mode [ 216.544998][ T8232] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.566145][ T8232] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.624151][ T8232] team0: Port device team_slave_0 added [ 216.638088][ T8232] team0: Port device team_slave_1 added [ 216.690788][ T8232] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 216.698333][ T8232] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.724731][ T8232] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 216.740639][ T8232] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 216.747945][ T8232] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 216.774256][ T8232] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 216.842874][ T8232] device hsr_slave_0 entered promiscuous mode [ 216.854449][ T8232] device hsr_slave_1 entered promiscuous mode [ 217.128616][ T8232] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 217.146989][ T8232] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 217.195200][ T8232] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 217.229694][ T8232] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 217.532330][ T8232] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.566989][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 217.576222][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 217.597896][ T8232] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.621162][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 217.631487][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 217.641045][ T7] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.648722][ T7] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.696444][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 217.705870][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 217.716118][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 217.725705][ T7] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.733126][ T7] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.742465][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 217.753561][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 217.772077][ T7] Bluetooth: hci0: command 0x0409 tx timeout [ 217.772222][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 217.789670][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 217.804163][ T2063] IPv6: 
ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 217.824657][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 217.837361][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 217.876111][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 217.886469][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 217.896469][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 217.906466][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 217.926025][ T8232] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 217.978630][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 217.988093][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 218.019886][ T8232] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 218.081626][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 218.091720][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 218.148639][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 218.158389][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 218.182902][ T8232] device veth0_vlan entered promiscuous mode [ 218.206586][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 218.215684][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 218.233730][ T8232] device veth1_vlan entered promiscuous mode [ 218.317592][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 218.327627][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 218.347634][ T8232] device veth0_macvtap entered promiscuous mode [ 218.371337][ T8232] device veth1_macvtap entered promiscuous mode [ 218.431968][ T8232] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 218.440233][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 218.450003][ 
T3694] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 218.459700][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 218.469680][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 218.494652][ T8232] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 218.514058][ T8232] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.523198][ T8232] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.532640][ T8232] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.541733][ T8232] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 218.557079][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 218.567102][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 218.877298][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.885777][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.894331][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 218.962108][ T424] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 218.971127][ T424] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 218.979517][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 219.208958][ T8473] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:48:50 executing program 0: syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36) [ 219.509100][ T8478] 
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:48:51 executing program 0: syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36) [ 219.805687][ T8481] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:48:51 executing program 0: syz_80211_join_ibss(&(0x7f0000000040)='wlan0\x00', &(0x7f0000000080)=@default_ibss_ssid, 0x6, 0x0) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=@mgmt_frame=@beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36) [ 219.857220][ T7] Bluetooth: hci0: command 0x041b tx timeout [ 219.979257][ T8483] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:48:51 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x40, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IE={0x11, 
0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x40}}, 0x0) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000040)=@mgmt_frame=@beacon={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000080)={0x0, 0x4c4b40}, &(0x7f00000000c0)) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000340)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) [ 220.275582][ T8487] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:48:52 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, 
@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0) 17:48:52 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0) 17:48:52 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, 
@void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0) 17:48:52 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0) 17:48:52 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, 
@void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) 17:48:53 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) 17:48:53 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, 
&(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) 17:48:53 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) sendmsg$NL80211_CMD_GET_MPP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x28, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x28}}, 0x0) [ 221.935460][ T5] Bluetooth: hci0: command 0x040f tx timeout 17:48:53 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, 
&(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 222.223779][ T8514] wlan1: authenticate with 08:02:11:00:00:00 [ 222.232181][ T8514] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 222.243385][ T8514] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 222.285611][ T1290] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 222.296751][ T1290] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 222.312000][ T1290] wlan1: authentication with 08:02:11:00:00:00 timed out 17:48:54 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 
0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 222.518856][ T8517] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 222.546339][ T5] wlan1: authenticate with 08:02:11:00:00:00 [ 222.554006][ T5] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 222.567817][ T424] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 222.574668][ T424] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) 17:48:54 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, 
&(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 222.611337][ T424] wlan1: authentication with 08:02:11:00:00:00 timed out [ 222.748674][ T8520] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 222.776592][ T7] wlan1: authenticate with 08:02:11:00:00:00 [ 222.784352][ T7] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 222.793757][ T1290] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 222.804306][ T1290] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 222.823280][ T1290] wlan1: authentication with 08:02:11:00:00:00 timed out 17:48:54 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) 
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 223.029671][ T8523] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 223.067591][ T7] wlan1: authenticate with 08:02:11:00:00:00 [ 223.075951][ T7] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 223.084192][ T1106] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 223.107483][ T1106] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) 17:48:54 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = 
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 223.129572][ T1106] wlan1: authentication with 08:02:11:00:00:00 timed out [ 223.238151][ T8525] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 223.266357][ T2063] wlan1: authenticate with 08:02:11:00:00:00 [ 223.273963][ T2063] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 
223.281536][ T424] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) 17:48:55 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 223.290285][ T424] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 223.306638][ T1106] wlan1: authentication with 08:02:11:00:00:00 timed out [ 223.546160][ T8529] 
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 223.577236][ T7] wlan1: authenticate with 08:02:11:00:00:00 [ 223.585083][ T7] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 223.592502][ T1106] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 223.606377][ T1106] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 223.628016][ T1106] wlan1: authentication with 08:02:11:00:00:00 timed out 17:48:55 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, 
{}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 223.883412][ T8532] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 223.916544][ T7] wlan1: authenticate with 08:02:11:00:00:00 [ 223.924283][ T7] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 223.941048][ T1106] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 223.962244][ T1106] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) 17:48:55 executing program 0: r0 = syz_open_dev$binderN(&(0x7f0000000080), 0x0, 0x2) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x100}) mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0) r1 = syz_open_dev$binderN(&(0x7f0000000100), 0x0, 0x2) mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r1, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4c, 0x0, &(0x7f0000000180)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000200)={@flat, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000280)=""/10, 0xa}}, &(0x7f00000002c0)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, &(0x7f0000000300)}) [ 223.988089][ T1106] wlan1: authentication with 08:02:11:00:00:00 timed out [ 224.018129][ T7] Bluetooth: hci0: command 0x0419 tx timeout [ 224.257380][ T8535] binder: BINDER_SET_CONTEXT_MGR already set [ 224.263557][ T8535] binder: 8534:8535 ioctl 4018620d 200000c0 returned -16 17:48:56 executing program 0 (fault-call:4 fault-nth:0): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 
0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 224.498035][ T8541] FAULT_INJECTION: forcing a failure. [ 224.498035][ T8541] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 224.511488][ T8541] CPU: 1 PID: 8541 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 224.520322][ T8541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.530510][ T8541] Call Trace: [ 224.533890][ T8541] dump_stack+0x24c/0x2e0 [ 224.538457][ T8541] should_fail+0x8bd/0x9e0 [ 224.543096][ T8541] should_fail_usercopy+0x39/0x40 [ 224.548353][ T8541] _copy_from_user+0x63/0x300 [ 224.553215][ T8541] __get_compat_msghdr+0x106/0x9d0 [ 224.558512][ T8541] ? 
kmsan_get_metadata+0x116/0x180
[ 224.563896][ T8541] ? kmsan_internal_set_origin+0x85/0xc0
[ 224.569705][ T8541] ? rcu_read_unlock_strict+0x9/0x10
[ 224.575180][ T8541] get_compat_msghdr+0x108/0x2b0
[ 224.580332][ T8541] __sys_sendmsg+0x4ac/0x830
[ 224.585123][ T8541] ? kmsan_get_metadata+0x116/0x180
[ 224.590756][ T8541] ? kmsan_get_metadata+0x116/0x180
[ 224.596157][ T8541] ? kmsan_internal_set_origin+0x85/0xc0
[ 224.601962][ T8541] ? kmsan_internal_unpoison_shadow+0x42/0x70
[ 224.608216][ T8541] ? __msan_instrument_asm_store+0x107/0x130
[ 224.614375][ T8541] ? fput+0x82/0x320
[ 224.618453][ T8541] ? kmsan_get_metadata+0x116/0x180
[ 224.623830][ T8541] ? kmsan_get_shadow_origin_ptr+0x84/0xb0
[ 224.629827][ T8541] ? kmsan_get_metadata+0x116/0x180
[ 224.635216][ T8541] ? kmsan_get_metadata+0x116/0x180
[ 224.640585][ T8541] __se_compat_sys_sendmsg+0xa7/0xc0
[ 224.646067][ T8541] __ia32_compat_sys_sendmsg+0x4a/0x70
[ 224.651713][ T8541] __do_fast_syscall_32+0x127/0x180
[ 224.657214][ T8541] do_fast_syscall_32+0x77/0xd0
[ 224.662258][ T8541] do_SYSENTER_32+0x73/0x90
[ 224.666954][ T8541] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 224.673483][ T8541] RIP: 0023:0xf7f74549
[ 224.677699][ T8541] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 224.697489][ T8541] RSP: 002b:00000000f556e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 224.706106][ T8541] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[ 224.714222][ T8541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 224.722315][ T8541] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 224.730416][ T8541] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 224.738526][ T8541] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 224.767309][ T8542] mac80211_hwsim: wmediumd
released netlink socket, switching to perfect channel medium [ 224.832890][ T8541] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 224.896635][ T8541] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:48:56 executing program 0 (fault-call:4 fault-nth:1): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, 
{0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28)
[ 225.356292][ T8544] FAULT_INJECTION: forcing a failure.
[ 225.356292][ T8544] name failslab, interval 1, probability 0, space 0, times 1
[ 225.369379][ T8544] CPU: 1 PID: 8544 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0
[ 225.378229][ T8544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 225.388414][ T8544] Call Trace:
[ 225.391806][ T8544] dump_stack+0x24c/0x2e0
[ 225.396363][ T8544] should_fail+0x8bd/0x9e0
[ 225.401000][ T8544] __should_failslab+0x1f1/0x290
[ 225.406129][ T8544] should_failslab+0x29/0x70
[ 225.410911][ T8544] kmem_cache_alloc_node+0xff/0x1180
[ 225.416399][ T8544] ? __alloc_skb+0x33a/0xe90
[ 225.421182][ T8544] ? kmsan_get_metadata+0x116/0x180
[ 225.426557][ T8544] ? kmsan_get_metadata+0x116/0x180
[ 225.431972][ T8544] __alloc_skb+0x33a/0xe90
[ 225.436577][ T8544] netlink_sendmsg+0xdbc/0x1840
[ 225.441661][ T8544] ____sys_sendmsg+0xcfc/0x12f0
[ 225.446732][ T8544] ? netlink_getsockopt+0x1830/0x1830
[ 225.452326][ T8544] __sys_sendmsg+0x714/0x830
[ 225.457137][ T8544] ? kmsan_internal_unpoison_shadow+0x42/0x70
[ 225.463385][ T8544] ? __msan_instrument_asm_store+0x107/0x130
[ 225.469663][ T8544] ? fput+0x82/0x320
[ 225.473724][ T8544] ? kmsan_get_metadata+0x116/0x180
[ 225.479095][ T8544] ? kmsan_get_shadow_origin_ptr+0x84/0xb0
[ 225.485196][ T8544] ? kmsan_get_metadata+0x116/0x180
[ 225.490574][ T8544] ? kmsan_get_metadata+0x116/0x180
[ 225.495950][ T8544] __se_compat_sys_sendmsg+0xa7/0xc0
[ 225.501471][ T8544] __ia32_compat_sys_sendmsg+0x4a/0x70
[ 225.507140][ T8544] __do_fast_syscall_32+0x127/0x180
[ 225.512547][ T8544] do_fast_syscall_32+0x77/0xd0
[ 225.517588][ T8544] do_SYSENTER_32+0x73/0x90
[ 225.522295][ T8544] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
[ 225.528824][ T8544] RIP: 0023:0xf7f74549
[ 225.533016][ T8544] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[ 225.552913][ T8544] RSP: 002b:00000000f556e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[ 225.561514][ T8544] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[ 225.569631][ T8544] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 225.577732][ T8544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 225.585865][ T8544] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 225.593975][ T8544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 225.638729][ T8547] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 225.722708][ T8544] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 225.787205][ T8544] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
17:48:57 executing program 0 (fault-call:4 fault-nth:2):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0,
&(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 226.251805][ T8549] FAULT_INJECTION: forcing a failure. [ 226.251805][ T8549] name failslab, interval 1, probability 0, space 0, times 0 [ 226.265145][ T8549] CPU: 1 PID: 8549 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 226.273981][ T8549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.284173][ T8549] Call Trace: [ 226.287547][ T8549] dump_stack+0x24c/0x2e0 [ 226.292083][ T8549] should_fail+0x8bd/0x9e0 [ 226.296706][ T8549] __should_failslab+0x1f1/0x290 [ 226.301912][ T8549] should_failslab+0x29/0x70 [ 226.306723][ T8549] __kmalloc_node_track_caller+0x1d9/0x1470 [ 226.312841][ T8549] ? kmem_cache_alloc_node+0xbf8/0x1180 [ 226.318583][ T8549] ? 
netlink_sendmsg+0xdbc/0x1840 [ 226.323829][ T8549] ? netlink_sendmsg+0xdbc/0x1840 [ 226.329046][ T8549] __alloc_skb+0x4dd/0xe90 [ 226.333627][ T8549] ? netlink_sendmsg+0xdbc/0x1840 [ 226.338851][ T8549] netlink_sendmsg+0xdbc/0x1840 [ 226.343922][ T8549] ____sys_sendmsg+0xcfc/0x12f0 [ 226.348980][ T8549] ? netlink_getsockopt+0x1830/0x1830 [ 226.354556][ T8549] __sys_sendmsg+0x714/0x830 [ 226.359357][ T8549] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 226.365608][ T8549] ? __msan_instrument_asm_store+0x107/0x130 [ 226.371769][ T8549] ? fput+0x82/0x320 [ 226.375837][ T8549] ? kmsan_get_metadata+0x116/0x180 [ 226.381206][ T8549] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 226.387213][ T8549] ? kmsan_get_metadata+0x116/0x180 [ 226.392582][ T8549] ? kmsan_get_metadata+0x116/0x180 [ 226.397964][ T8549] __se_compat_sys_sendmsg+0xa7/0xc0 [ 226.403446][ T8549] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 226.409097][ T8549] __do_fast_syscall_32+0x127/0x180 [ 226.414500][ T8549] do_fast_syscall_32+0x77/0xd0 [ 226.419559][ T8549] do_SYSENTER_32+0x73/0x90 [ 226.424262][ T8549] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 226.430798][ T8549] RIP: 0023:0xf7f74549 [ 226.434995][ T8549] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 226.454779][ T8549] RSP: 002b:00000000f556e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 226.463378][ T8549] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 226.471504][ T8549] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 226.479612][ T8549] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 226.487710][ T8549] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 226.495805][ T8549] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 226.516810][ T8552] mac80211_hwsim: wmediumd released netlink socket, switching 
to perfect channel medium [ 226.606895][ T8553] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 226.672435][ T8549] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:48:58 executing program 0 (fault-call:4 fault-nth:3): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, 
{0x24}]}, @void}, 0x28) 17:48:58 executing program 1 (fault-call:5 fault-nth:0): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 227.181018][ T8556] FAULT_INJECTION: forcing a failure. 
[ 227.181018][ T8556] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 227.194554][ T8556] CPU: 1 PID: 8556 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 227.415554][ T8556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.425748][ T8556] Call Trace: [ 227.429118][ T8556] dump_stack+0x24c/0x2e0 [ 227.433646][ T8556] should_fail+0x8bd/0x9e0 [ 227.438305][ T8556] should_fail_usercopy+0x39/0x40 [ 227.443533][ T8556] _copy_from_iter_full+0x400/0x1760 [ 227.449040][ T8556] ? kmsan_get_metadata+0x116/0x180 [ 227.454426][ T8556] ? __msan_metadata_ptr_for_load_4+0x10/0x20 [ 227.460717][ T8556] netlink_sendmsg+0x10d1/0x1840 [ 227.465887][ T8556] ____sys_sendmsg+0xcfc/0x12f0 [ 227.470945][ T8556] ? netlink_getsockopt+0x1830/0x1830 [ 227.476522][ T8556] __sys_sendmsg+0x714/0x830 [ 227.481319][ T8556] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 227.487592][ T8556] ? __msan_instrument_asm_store+0x107/0x130 [ 227.493753][ T8556] ? fput+0x82/0x320 [ 227.497813][ T8556] ? kmsan_get_metadata+0x116/0x180 [ 227.503188][ T8556] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 227.509186][ T8556] ? kmsan_get_metadata+0x116/0x180 [ 227.514572][ T8556] ? 
kmsan_get_metadata+0x116/0x180 [ 227.519950][ T8556] __se_compat_sys_sendmsg+0xa7/0xc0 [ 227.525435][ T8556] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 227.531091][ T8556] __do_fast_syscall_32+0x127/0x180 [ 227.536500][ T8556] do_fast_syscall_32+0x77/0xd0 [ 227.541541][ T8556] do_SYSENTER_32+0x73/0x90 [ 227.546246][ T8556] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 227.552782][ T8556] RIP: 0023:0xf7f74549 [ 227.556973][ T8556] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 227.576758][ T8556] RSP: 002b:00000000f556e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 227.585354][ T8556] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 227.593478][ T8556] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 227.601609][ T8556] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 227.609714][ T8556] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 227.617814][ T8556] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 227.640318][ T8559] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 227.733554][ T8559] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 227.810713][ T8559] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:48:59 executing program 0 (fault-call:4 fault-nth:4): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, 
&(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 228.316516][ T8562] FAULT_INJECTION: forcing a failure. [ 228.316516][ T8562] name failslab, interval 1, probability 0, space 0, times 0 [ 228.329491][ T8562] CPU: 1 PID: 8562 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0 [ 228.338335][ T8562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.348512][ T8562] Call Trace: [ 228.351907][ T8562] dump_stack+0x24c/0x2e0 [ 228.356453][ T8562] should_fail+0x8bd/0x9e0 [ 228.361071][ T8562] __should_failslab+0x1f1/0x290 [ 228.366201][ T8562] should_failslab+0x29/0x70 [ 228.370984][ T8562] kmem_cache_alloc+0xf6/0x1030 [ 228.376033][ T8562] ? kmsan_get_metadata+0x116/0x180 [ 228.381402][ T8562] ? 
skb_clone+0x374/0x650 [ 228.385988][ T8562] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 228.391990][ T8562] ? rhashtable_jhash2+0x3c5/0x4d0 [ 228.397298][ T8562] skb_clone+0x374/0x650 [ 228.401733][ T8562] netlink_deliver_tap+0x6e0/0xea0 [ 228.407056][ T8562] ? __netlink_lookup+0x7dc/0x860 [ 228.412297][ T8562] ? kmsan_internal_set_origin+0x85/0xc0 [ 228.418104][ T8562] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 228.424099][ T8562] netlink_unicast+0x1192/0x14a0 [ 228.429281][ T8562] netlink_sendmsg+0x1740/0x1840 [ 228.434449][ T8562] ____sys_sendmsg+0xcfc/0x12f0 [ 228.439542][ T8562] ? netlink_getsockopt+0x1830/0x1830 [ 228.445147][ T8562] __sys_sendmsg+0x714/0x830 [ 228.449978][ T8562] ? kmsan_internal_unpoison_shadow+0x42/0x70 [ 228.456252][ T8562] ? __msan_instrument_asm_store+0x107/0x130 [ 228.462405][ T8562] ? fput+0x82/0x320 [ 228.466462][ T8562] ? kmsan_get_metadata+0x116/0x180 [ 228.471846][ T8562] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 228.477833][ T8562] ? kmsan_get_metadata+0x116/0x180 [ 228.483212][ T8562] ? 
kmsan_get_metadata+0x116/0x180 [ 228.488589][ T8562] __se_compat_sys_sendmsg+0xa7/0xc0 [ 228.494079][ T8562] __ia32_compat_sys_sendmsg+0x4a/0x70 [ 228.499728][ T8562] __do_fast_syscall_32+0x127/0x180 [ 228.505138][ T8562] do_fast_syscall_32+0x77/0xd0 [ 228.510184][ T8562] do_SYSENTER_32+0x73/0x90 [ 228.514885][ T8562] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 228.521433][ T8562] RIP: 0023:0xf7f74549 [ 228.525628][ T8562] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 228.545429][ T8562] RSP: 002b:00000000f556e5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 228.554093][ T8562] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 228.562324][ T8562] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 228.570429][ T8562] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 228.578563][ T8562] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 228.586664][ T8562] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 228.620152][ T8565] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 228.637418][ T2063] wlan1: authenticate with 08:02:11:00:00:00 [ 228.645557][ T2063] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 228.652905][ T424] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 228.666184][ T424] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 228.672997][ T424] wlan1: authentication with 08:02:11:00:00:00 timed out 17:49:00 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 
0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 229.004186][ T8567] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 229.036478][ T2063] wlan1: authenticate with 08:02:11:00:00:00 [ 229.044124][ T2063] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 229.053306][ T424] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 229.106174][ T424] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) [ 229.127730][ T8573] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 229.136161][ T424] wlan1: authenticated [ 229.150499][ T8560] IPVS: ftp: loaded support on port[0] = 21 [ 229.177101][ T2063] 
mac80211_hwsim hwsim3 wlan1: disabling HT/VHT/HE as WMM/QoS is not supported by the AP [ 229.234245][ T1290] wlan1: associate with 08:02:11:00:00:00 (try 1/3) [ 229.246978][ T8567] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 229.267960][ T1290] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=0 aid=1) [ 229.276999][ T1290] wlan1: associated [ 229.799633][ T8560] chnl_net:caif_netlink_parms(): no params data found 17:49:01 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, 
&(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 230.058603][ T8560] bridge0: port 1(bridge_slave_0) entered blocking state [ 230.066132][ T8560] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.092855][ T8560] device bridge_slave_0 entered promiscuous mode [ 230.106594][ T8560] bridge0: port 2(bridge_slave_1) entered blocking state [ 230.109526][ T8709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 230.113925][ T8560] bridge0: port 2(bridge_slave_1) entered disabled state [ 230.133374][ T8560] device bridge_slave_1 entered promiscuous mode [ 230.185400][ T8560] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 230.203011][ T8560] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 17:49:01 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x2, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, 
@val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 230.298033][ T8560] team0: Port device team_slave_0 added [ 230.313245][ T8560] team0: Port device team_slave_1 added [ 230.385178][ T8560] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 230.392248][ T8560] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 230.418851][ T8560] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 230.539617][ T8560] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 230.546855][ T8560] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 230.573162][ T8560] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 230.600603][ T8738] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:02 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x3, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 230.747008][ T8560] 
device hsr_slave_0 entered promiscuous mode
[ 230.765839][ T8560] device hsr_slave_1 entered promiscuous mode
[ 230.785417][ T8560] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 230.793090][ T8560] Cannot create hsr debugfs directory
[ 231.056255][ C1] =====================================================
[ 231.063237][ C1] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920
[ 231.071074][ C1] CPU: 1 PID: 1290 Comm: kworker/u4:21 Not tainted 5.12.0-rc6-syzkaller #0
[ 231.079679][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 231.089928][ C1] Workqueue: phy4 ieee80211_beacon_connection_loss_work
[ 231.097012][ C1] Call Trace:
[ 231.100301][ C1]
[ 231.103151][ C1] dump_stack+0x24c/0x2e0
[ 231.107506][ C1] kmsan_report+0xfb/0x1e0
[ 231.111943][ C1] __msan_warning+0x5c/0xa0
[ 231.116468][ C1] ieee80211_sta_tx_notify+0x3b1/0x920
[ 231.121958][ C1] ? kmsan_get_shadow_origin_ptr+0x84/0xb0
[ 231.127790][ C1] ? kmsan_get_metadata+0x116/0x180
[ 231.133033][ C1] ieee80211_tx_status_ext+0x1291/0x4fa0
[ 231.135542][ T7] Bluetooth: hci1: command 0x0409 tx timeout
[ 231.138702][ C1] ieee80211_tx_status+0x221/0x270
[ 231.138744][ C1] ieee80211_tasklet_handler+0x322/0x390
[ 231.138781][ C1] ? ieee80211_reconfig_filter+0x50/0x50
[ 231.138815][ C1] tasklet_action_common+0x3de/0x640
[ 231.166425][ C1] ? __msan_metadata_ptr_for_store_8+0x13/0x20
[ 231.172612][ C1] ? tasklet_kill+0x210/0x210
[ 231.177315][ C1] tasklet_action+0x30/0x40
[ 231.181842][ C1] __do_softirq+0x1b9/0x715
[ 231.186367][ C1] ? idle_cpu+0x9a/0x1d0
[ 231.190644][ C1] ? __irq_exit_rcu+0x83/0x280
[ 231.195432][ C1] do_softirq+0x123/0x1c0
[ 231.199786][ C1]
[ 231.202727][ C1] __local_bh_enable_ip+0xa1/0xb0
[ 231.207778][ C1] local_bh_enable+0x36/0x40
[ 231.212398][ C1] __ieee80211_tx_skb_tid_band+0x28f/0x390
[ 231.218236][ C1] ieee80211_send_nullfunc+0x59a/0x6e0
[ 231.223728][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30
[ 231.229568][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0
[ 231.234974][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420
[ 231.241680][ C1] ? ieee80211_chswitch_work+0x1470/0x1470
[ 231.247516][ C1] process_one_work+0x1219/0x1fe0
[ 231.252584][ C1] worker_thread+0x10ec/0x2340
[ 231.257372][ C1] ? kmsan_get_metadata+0x116/0x180
[ 231.262599][ C1] kthread+0x521/0x560
[ 231.266699][ C1] ? process_one_work+0x1fe0/0x1fe0
[ 231.271924][ C1] ? kthread_blkcg+0x110/0x110
[ 231.276717][ C1] ret_from_fork+0x1f/0x30
[ 231.281161][ C1]
[ 231.283487][ C1] Uninit was created at:
[ 231.287722][ C1] kmsan_internal_poison_shadow+0x5c/0xf0
[ 231.293505][ C1] kmsan_slab_alloc+0x8e/0xe0
[ 231.298204][ C1] __kmalloc_node_track_caller+0xa4f/0x1470
[ 231.304166][ C1] __alloc_skb+0x4dd/0xe90
[ 231.308615][ C1] __netdev_alloc_skb+0x45d/0x810
[ 231.313685][ C1] ieee80211_nullfunc_get+0x2b6/0x820
[ 231.319085][ C1] ieee80211_send_nullfunc+0x216/0x6e0
[ 231.324675][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30
[ 231.330542][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0
[ 231.335939][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420
[ 231.342649][ C1] process_one_work+0x1219/0x1fe0
[ 231.347698][ C1] worker_thread+0x10ec/0x2340
[ 231.352489][ C1] kthread+0x521/0x560
[ 231.356571][ C1] ret_from_fork+0x1f/0x30
[ 231.361021][ C1] =====================================================
[ 231.367970][ C1] Disabling lock debugging due to kernel taint
[ 231.380867][ T8769] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
17:49:03 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 =
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x4, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 231.685648][ T8800] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 231.697700][ T8560] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 231.758994][ T8560] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 231.807536][ T8560] netdevsim netdevsim1 netdevsim2: renamed from 
eth2 [ 231.854011][ T8560] netdevsim netdevsim1 netdevsim3: renamed from eth3 17:49:03 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x5, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 232.185801][ T8804] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:04 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 
0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x6, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 232.319958][ T8560] 8021q: adding VLAN 0 to HW filter on device bond0 [ 232.361407][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 232.370965][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 232.396871][ T8560] 8021q: adding VLAN 0 to HW filter on device team0 [ 232.443807][ 
T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 232.454782][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 232.464420][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 232.472012][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 232.545820][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 232.555803][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 232.565801][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 232.575293][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 232.582723][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.592317][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 232.603492][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 232.628594][ T8806] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:04 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x7, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, 
[{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 232.714955][ T8560] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 232.726057][ T8560] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 232.798893][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 232.809887][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 232.820435][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 232.830873][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 232.841367][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 232.851075][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 232.861491][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 232.871219][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 232.885318][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 232.895259][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 232.987770][ C0] ===================================================== [ 232.994747][ C0] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920 [ 233.002621][ C0] CPU: 0 PID: 1290 Comm: kworker/u4:21 Tainted: G 
B 5.12.0-rc6-syzkaller #0 [ 233.012623][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.019437][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 233.022704][ C0] Workqueue: phy4 ieee80211_beacon_connection_loss_work [ 233.022755][ C0] Call Trace: [ 233.030520][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 233.037098][ C0] [ 233.037112][ C0] dump_stack+0x24c/0x2e0 [ 233.037150][ C0] kmsan_report+0xfb/0x1e0 [ 233.037179][ C0] __msan_warning+0x5c/0xa0 [ 233.037205][ C0] ieee80211_sta_tx_notify+0x3b1/0x920 [ 233.037239][ C0] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 233.037269][ C0] ? kmsan_get_metadata+0x116/0x180 [ 233.037300][ C0] ieee80211_tx_status_ext+0x1291/0x4fa0 [ 233.037347][ C0] ieee80211_tx_status+0x221/0x270 [ 233.037384][ C0] ieee80211_tasklet_handler+0x322/0x390 [ 233.037421][ C0] ? ieee80211_reconfig_filter+0x50/0x50 [ 233.037455][ C0] tasklet_action_common+0x3de/0x640 [ 233.107934][ C0] ? tasklet_kill+0x210/0x210 [ 233.112650][ C0] tasklet_action+0x30/0x40 [ 233.115633][ T8560] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 233.117175][ C0] __do_softirq+0x1b9/0x715 [ 233.117213][ C0] ? idle_cpu+0x9a/0x1d0 [ 233.132711][ C0] ? __irq_exit_rcu+0x83/0x280 [ 233.137515][ C0] do_softirq+0x123/0x1c0 [ 233.141879][ C0] [ 233.144823][ C0] __local_bh_enable_ip+0xa1/0xb0 [ 233.149877][ C0] local_bh_enable+0x36/0x40 [ 233.154498][ C0] __ieee80211_tx_skb_tid_band+0x28f/0x390 [ 233.160335][ C0] ieee80211_send_nullfunc+0x59a/0x6e0 [ 233.165822][ C0] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 233.171655][ C0] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 233.177053][ C0] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 233.183760][ C0] ? ieee80211_chswitch_work+0x1470/0x1470 [ 233.189595][ C0] process_one_work+0x1219/0x1fe0 [ 233.194661][ C0] worker_thread+0x10ec/0x2340 [ 233.199456][ C0] ? 
kmsan_get_metadata+0x116/0x180 [ 233.204682][ C0] kthread+0x521/0x560 [ 233.208776][ C0] ? process_one_work+0x1fe0/0x1fe0 [ 233.214006][ C0] ? kthread_blkcg+0x110/0x110 [ 233.218790][ C0] ret_from_fork+0x1f/0x30 [ 233.223239][ C0] [ 233.225568][ C0] Uninit was created at: [ 233.229836][ C0] kmsan_internal_poison_shadow+0x5c/0xf0 [ 233.235592][ C0] kmsan_slab_alloc+0x8e/0xe0 [ 233.240296][ C0] __kmalloc_node_track_caller+0xa4f/0x1470 [ 233.246218][ C0] __alloc_skb+0x4dd/0xe90 [ 233.250656][ C0] __netdev_alloc_skb+0x45d/0x810 [ 233.255697][ C0] ieee80211_nullfunc_get+0x2b6/0x820 [ 233.261096][ C0] ieee80211_send_nullfunc+0x216/0x6e0 [ 233.266575][ C0] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 233.271488][ T8812] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 233.272397][ C0] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 233.272436][ C0] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 233.272470][ C0] process_one_work+0x1219/0x1fe0 [ 233.272506][ C0] worker_thread+0x10ec/0x2340 [ 233.272537][ C0] kthread+0x521/0x560 [ 233.308177][ C0] ret_from_fork+0x1f/0x30 [ 233.312817][ C0] ===================================================== [ 233.322910][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 233.332962][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 233.346580][ T5] Bluetooth: hci1: command 0x041b tx timeout 17:49:05 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x8, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, 
{@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 233.482120][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 233.492646][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 233.527279][ T8560] device veth0_vlan entered promiscuous mode [ 233.545763][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 233.554691][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 233.619571][ T8560] device veth1_vlan entered promiscuous mode [ 233.762966][ T8816] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 233.782308][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 233.792527][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 233.814489][ T8560] device veth0_macvtap entered promiscuous mode [ 233.840368][ T8560] 
device veth1_macvtap entered promiscuous mode [ 233.922700][ T8560] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 233.933495][ T8560] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 233.947571][ T8560] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 233.961047][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 233.970499][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 233.979864][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 233.989670][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready 17:49:05 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x9, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, 
&(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 234.103663][ T8560] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 234.115118][ T8560] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 234.129073][ T8560] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 234.138857][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 234.149530][ T2063] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 234.174534][ T8560] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.183895][ T8560] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.193691][ T8560] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.203097][ T8560] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.526598][ T8820] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 234.641127][ T8833] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 234.652755][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.661358][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.672018][ T8451] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 234.756478][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.764443][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.772551][ T2063] 
IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 235.057226][ C0] ===================================================== [ 235.064210][ C0] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920 [ 235.072138][ C0] CPU: 0 PID: 1290 Comm: kworker/u4:21 Tainted: G B 5.12.0-rc6-syzkaller #0 [ 235.082137][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.092210][ C0] Workqueue: phy4 ieee80211_beacon_connection_loss_work [ 235.099189][ C0] Call Trace: [ 235.102479][ C0] [ 235.105348][ C0] dump_stack+0x24c/0x2e0 [ 235.109805][ C0] kmsan_report+0xfb/0x1e0 [ 235.114299][ C0] __msan_warning+0x5c/0xa0 [ 235.118824][ C0] ieee80211_sta_tx_notify+0x3b1/0x920 [ 235.124313][ C0] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 235.130139][ C0] ? kmsan_get_metadata+0x116/0x180 [ 235.135361][ C0] ieee80211_tx_status_ext+0x1291/0x4fa0 [ 235.141103][ C0] ieee80211_tx_status+0x221/0x270 [ 235.146257][ C0] ieee80211_tasklet_handler+0x322/0x390 [ 235.151940][ C0] ? ieee80211_reconfig_filter+0x50/0x50 [ 235.157607][ C0] tasklet_action_common+0x3de/0x640 [ 235.162988][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 235.169173][ C0] ? tasklet_kill+0x210/0x210 [ 235.173876][ C0] tasklet_action+0x30/0x40 [ 235.178426][ C0] __do_softirq+0x1b9/0x715 [ 235.183037][ C0] ? idle_cpu+0x9a/0x1d0 [ 235.187363][ C0] ? __irq_exit_rcu+0x83/0x280 [ 235.192150][ C0] do_softirq+0x123/0x1c0 [ 235.196507][ C0] [ 235.199446][ C0] __local_bh_enable_ip+0xa1/0xb0 [ 235.204521][ C0] local_bh_enable+0x36/0x40 [ 235.209207][ C0] __ieee80211_tx_skb_tid_band+0x28f/0x390 [ 235.215047][ C0] ieee80211_send_nullfunc+0x59a/0x6e0 [ 235.220536][ C0] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 235.222290][ T8849] FAULT_INJECTION: forcing a failure. 
[ 235.222290][ T8849] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 235.226386][ C0] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 235.226429][ C0] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 235.226467][ C0] ? ieee80211_chswitch_work+0x1470/0x1470 [ 235.226499][ C0] process_one_work+0x1219/0x1fe0 [ 235.262409][ C0] worker_thread+0x10ec/0x2340 [ 235.267211][ C0] ? kmsan_get_metadata+0x116/0x180 [ 235.272432][ C0] kthread+0x521/0x560 [ 235.276519][ C0] ? process_one_work+0x1fe0/0x1fe0 [ 235.281749][ C0] ? kthread_blkcg+0x110/0x110 [ 235.286532][ C0] ret_from_fork+0x1f/0x30 [ 235.290972][ C0] [ 235.290987][ T8849] CPU: 1 PID: 8849 Comm: syz-executor.1 Tainted: G B 5.12.0-rc6-syzkaller #0 [ 235.293289][ C0] Uninit was created at: [ 235.293296][ C0] kmsan_internal_poison_shadow+0x5c/0xf0 [ 235.303386][ T8849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.307608][ C0] kmsan_slab_alloc+0x8e/0xe0 [ 235.307640][ C0] __kmalloc_node_track_caller+0xa4f/0x1470 [ 235.307674][ C0] __alloc_skb+0x4dd/0xe90 [ 235.307745][ C0] __netdev_alloc_skb+0x45d/0x810 [ 235.313449][ T8849] Call Trace: [ 235.323496][ C0] ieee80211_nullfunc_get+0x2b6/0x820 [ 235.323541][ C0] ieee80211_send_nullfunc+0x216/0x6e0 [ 235.323571][ C0] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 235.323609][ C0] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 235.323640][ C0] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 235.328318][ T8849] dump_stack+0x24c/0x2e0 [ 235.334190][ C0] process_one_work+0x1219/0x1fe0 [ 235.334231][ C0] worker_thread+0x10ec/0x2340 [ 235.334264][ C0] kthread+0x521/0x560 [ 235.334292][ C0] ret_from_fork+0x1f/0x30 [ 235.334322][ C0] ===================================================== [ 235.397289][ T1984] Bluetooth: hci1: command 0x040f tx timeout [ 235.399655][ T8849] should_fail+0x8bd/0x9e0 [ 235.417198][ T8849] should_fail_usercopy+0x39/0x40 [ 235.422430][ T8849] _copy_from_user+0x63/0x300 [ 235.427341][ T8849] ? 
kmsan_get_metadata+0x116/0x180 [ 235.432725][ T8849] __se_compat_sys_socketcall+0x17b/0x16b0 [ 235.438801][ T8849] ? kmsan_get_metadata+0x116/0x180 [ 235.444169][ T8849] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 235.450152][ T8849] ? __msan_metadata_ptr_for_load_8+0x10/0x20 [ 235.456402][ T8849] ? syscall_enter_from_user_mode_work+0x56/0x100 [ 235.463141][ T8849] __ia32_compat_sys_socketcall+0x3e/0x60 [ 235.469054][ T8849] __do_fast_syscall_32+0x127/0x180 [ 235.474523][ T8849] do_fast_syscall_32+0x77/0xd0 [ 235.479578][ T8849] do_SYSENTER_32+0x73/0x90 [ 235.484268][ T8849] entry_SYSENTER_compat_after_hwframe+0x4d/0x5c [ 235.490792][ T8849] RIP: 0023:0xf7f76549 [ 235.494982][ T8849] Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 235.514755][ T8849] RSP: 002b:00000000f552d570 EFLAGS: 00000282 ORIG_RAX: 0000000000000066 [ 235.523359][ T8849] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f552d580 [ 235.531467][ T8849] RDX: 000000000819b0b0 RSI: 0000000000000036 RDI: 0000000000000000 [ 235.539617][ T8849] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 235.547710][ T8849] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 235.555825][ T8849] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 235.570828][ C1] ===================================================== [ 235.577830][ C1] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920 [ 235.585672][ C1] CPU: 1 PID: 1106 Comm: kworker/u4:19 Tainted: G B 5.12.0-rc6-syzkaller #0 [ 235.590645][ T8851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 235.595673][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.595695][ C1] Workqueue: phy4 ieee80211_iface_work [ 235.595808][ C1] Call Trace: [ 235.595818][ C1] [ 
235.595828][ C1] dump_stack+0x24c/0x2e0 [ 235.595865][ C1] kmsan_report+0xfb/0x1e0 [ 235.595896][ C1] __msan_warning+0x5c/0xa0 [ 235.595924][ C1] ieee80211_sta_tx_notify+0x3b1/0x920 [ 235.595970][ C1] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 235.596005][ C1] ? kmsan_get_metadata+0x116/0x180 [ 235.657029][ C1] ieee80211_tx_status_ext+0x1291/0x4fa0 [ 235.662716][ C1] ieee80211_tx_status+0x221/0x270 [ 235.667861][ C1] ieee80211_tasklet_handler+0x322/0x390 [ 235.673526][ C1] ? ieee80211_reconfig_filter+0x50/0x50 [ 235.679190][ C1] tasklet_action_common+0x3de/0x640 [ 235.684502][ C1] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 235.690712][ C1] ? tasklet_kill+0x210/0x210 [ 235.695412][ C1] tasklet_action+0x30/0x40 [ 235.699937][ C1] __do_softirq+0x1b9/0x715 [ 235.704462][ C1] ? idle_cpu+0x9a/0x1d0 [ 235.708735][ C1] ? __irq_exit_rcu+0x83/0x280 [ 235.713527][ C1] do_softirq+0x123/0x1c0 [ 235.717884][ C1] [ 235.720831][ C1] __local_bh_enable_ip+0xa1/0xb0 [ 235.725880][ C1] local_bh_enable+0x36/0x40 [ 235.730496][ C1] __ieee80211_tx_skb_tid_band+0x28f/0x390 [ 235.736338][ C1] ieee80211_send_nullfunc+0x59a/0x6e0 [ 235.741827][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 235.747664][ C1] ieee80211_sta_work+0x1a01/0x2d00 [ 235.752889][ C1] ? __msan_metadata_ptr_for_store_1+0x13/0x20 [ 235.759065][ C1] ? _raw_spin_unlock_irqrestore+0x37/0x80 [ 235.764914][ C1] ? kmsan_get_metadata+0x116/0x180 [ 235.770227][ C1] ? kmsan_get_metadata+0x116/0x180 [ 235.775470][ C1] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 235.781308][ C1] ieee80211_iface_work+0x1211/0x1290 [ 235.786734][ C1] ? kmsan_get_metadata+0x116/0x180 [ 235.791956][ C1] ? kmsan_get_metadata+0x116/0x180 [ 235.797179][ C1] ? ieee80211_check_queues+0x730/0x730 [ 235.802756][ C1] process_one_work+0x1219/0x1fe0 [ 235.807817][ C1] worker_thread+0x10ec/0x2340 [ 235.807860][ C1] ? kmsan_get_metadata+0x116/0x180 [ 235.807895][ C1] kthread+0x521/0x560 [ 235.807926][ C1] ? process_one_work+0x1fe0/0x1fe0 [ 235.807959][ C1] ? 
kthread_blkcg+0x110/0x110 [ 235.807992][ C1] ret_from_fork+0x1f/0x30 [ 235.808026][ C1] [ 235.808031][ C1] Uninit was created at: [ 235.808038][ C1] kmsan_internal_poison_shadow+0x5c/0xf0 [ 235.808076][ C1] kmsan_slab_alloc+0x8e/0xe0 [ 235.808101][ C1] __kmalloc_node_track_caller+0xa4f/0x1470 [ 235.808133][ C1] __alloc_skb+0x4dd/0xe90 [ 235.808159][ C1] __netdev_alloc_skb+0x45d/0x810 [ 235.808186][ C1] ieee80211_nullfunc_get+0x2b6/0x820 [ 235.808219][ C1] ieee80211_send_nullfunc+0x216/0x6e0 [ 235.808250][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 235.885345][ C1] ieee80211_sta_work+0x1a01/0x2d00 [ 235.890576][ C1] ieee80211_iface_work+0x1211/0x1290 [ 235.895972][ C1] process_one_work+0x1219/0x1fe0 [ 235.901019][ C1] worker_thread+0x10ec/0x2340 [ 235.905808][ C1] kthread+0x521/0x560 [ 235.909897][ C1] ret_from_fork+0x1f/0x30 [ 235.914333][ C1] ===================================================== 17:49:07 executing program 1 (fault-call:5 fault-nth:1): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, 
{0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) 17:49:07 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xa, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, 
&(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 236.293619][ T8860] wlan1: authenticate with 08:02:11:00:00:00 [ 236.301708][ T8860] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 236.312449][ T1290] wlan1: send auth to 08:02:11:00:00:00 (try 2/3) [ 236.325499][ T1290] wlan1: send auth to 08:02:11:00:00:00 (try 3/3) 17:49:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) 
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 236.352036][ T8862] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 236.371608][ T1290] wlan1: authentication with 08:02:11:00:00:00 timed out [ 236.444086][ T8862] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 236.525534][ T8862] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 236.593354][ T8864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 236.628244][ T2063] wlan1: authenticate with 08:02:11:00:00:00 [ 236.636145][ T2063] wlan1: send auth to 08:02:11:00:00:00 (try 1/3) [ 236.692540][ T1290] wlan1: authenticated [ 236.694861][ T8865] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 236.697458][ T2063] mac80211_hwsim hwsim5 wlan1: disabling HT/VHT/HE as WMM/QoS is not supported by the AP [ 236.728595][ T1290] wlan1: associate with 08:02:11:00:00:00 (try 1/3) [ 236.783896][ T1290] wlan1: RX AssocResp from 08:02:11:00:00:00 (capab=0x1 status=0 aid=1) [ 236.792960][ T1290] wlan1: associated [ 236.803325][ T8864] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 236.867368][ T8860] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 236.918715][ T8860] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:08 executing program 0: r0 
= socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xb, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 237.155484][ T8870] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 237.220833][ T8870] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 
0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x4}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 237.306367][ T8872] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 237.456203][ T1984] Bluetooth: hci1: command 0x0419 tx timeout [ 237.527286][ T8875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 237.647575][ T8878] 
mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 237.662861][ T8870] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:09 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x50}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 237.713811][ T8870] mac80211_hwsim: wmediumd 
released netlink socket, switching to perfect channel medium 17:49:09 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xc, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 237.967159][ T8881] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 238.017149][ C0] ===================================================== [ 
238.024122][ C0] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920 [ 238.031967][ C0] CPU: 0 PID: 692 Comm: kworker/u4:14 Tainted: G B 5.12.0-rc6-syzkaller #0 [ 238.041898][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.051984][ C0] Workqueue: phy6 ieee80211_beacon_connection_loss_work [ 238.058969][ C0] Call Trace: [ 238.062258][ C0] [ 238.065130][ C0] dump_stack+0x24c/0x2e0 [ 238.069492][ C0] kmsan_report+0xfb/0x1e0 [ 238.073408][ T8883] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 238.073933][ C0] __msan_warning+0x5c/0xa0 [ 238.073974][ C0] ieee80211_sta_tx_notify+0x3b1/0x920 [ 238.093651][ C0] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 238.099524][ C0] ? kmsan_get_metadata+0x116/0x180 [ 238.104800][ C0] ieee80211_tx_status_ext+0x1291/0x4fa0 [ 238.110485][ C0] ieee80211_tx_status+0x221/0x270 [ 238.115643][ C0] ieee80211_tasklet_handler+0x322/0x390 [ 238.121314][ C0] ? ieee80211_reconfig_filter+0x50/0x50 [ 238.126984][ C0] tasklet_action_common+0x3de/0x640 [ 238.132313][ C0] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 238.138499][ C0] ? tasklet_kill+0x210/0x210 [ 238.143256][ C0] tasklet_action+0x30/0x40 [ 238.147789][ C0] __do_softirq+0x1b9/0x715 [ 238.152315][ C0] ? idle_cpu+0x9a/0x1d0 [ 238.156586][ C0] ? __irq_exit_rcu+0x83/0x280 [ 238.161378][ C0] do_softirq+0x123/0x1c0 [ 238.165736][ C0] [ 238.168676][ C0] __local_bh_enable_ip+0xa1/0xb0 [ 238.173738][ C0] local_bh_enable+0x36/0x40 [ 238.178360][ C0] __ieee80211_tx_skb_tid_band+0x28f/0x390 [ 238.183493][ T8886] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 238.184205][ C0] ieee80211_send_nullfunc+0x59a/0x6e0 [ 238.184248][ C0] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 238.205271][ C0] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 238.210682][ C0] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 238.217397][ C0] ? 
ieee80211_chswitch_work+0x1470/0x1470 [ 238.223234][ C0] process_one_work+0x1219/0x1fe0 [ 238.228302][ C0] worker_thread+0x10ec/0x2340 [ 238.233108][ C0] kthread+0x521/0x560 [ 238.237209][ C0] ? process_one_work+0x1fe0/0x1fe0 [ 238.242436][ C0] ? kthread_blkcg+0x110/0x110 [ 238.247229][ C0] ret_from_fork+0x1f/0x30 [ 238.251674][ C0] [ 238.254028][ C0] Uninit was created at: [ 238.258270][ C0] kmsan_internal_poison_shadow+0x5c/0xf0 [ 238.264024][ C0] kmsan_slab_alloc+0x8e/0xe0 [ 238.268722][ C0] __kmalloc_node_track_caller+0xa4f/0x1470 [ 238.271447][ T8883] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 238.274642][ C0] __alloc_skb+0x4dd/0xe90 [ 238.274676][ C0] __netdev_alloc_skb+0x45d/0x810 [ 238.274703][ C0] ieee80211_nullfunc_get+0x2b6/0x820 [ 238.299214][ C0] ieee80211_send_nullfunc+0x216/0x6e0 [ 238.304708][ C0] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 238.310537][ C0] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 238.315978][ C0] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 238.322685][ C0] process_one_work+0x1219/0x1fe0 [ 238.327740][ C0] worker_thread+0x10ec/0x2340 [ 238.332530][ C0] kthread+0x521/0x560 [ 238.336624][ C0] ret_from_fork+0x1f/0x30 [ 238.341060][ C0] ===================================================== [ 238.400164][ T8887] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:10 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, 
@void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x58}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 238.640899][ T8883] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 238.693700][ T8883] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:10 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0xf, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, 
[@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 238.845652][ T8894] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 238.918373][ T8895] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:10 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, 
@default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x8, 0x3}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 239.114434][ T8897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 239.231728][ T8902] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 239.279472][ T8901] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 239.320693][ T8897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 239.398224][ T8903] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:11 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 
r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x8, 0x4}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 239.662592][ T8897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 239.714505][ T8897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:11 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, 
{{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x60, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 239.830914][ T8909] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 239.943870][ T8910] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 240.016856][ C1] ===================================================== [ 240.023839][ C1] BUG: KMSAN: uninit-value in ieee80211_sta_tx_notify+0x3b1/0x920 [ 240.031680][ C1] CPU: 1 PID: 1290 Comm: kworker/u4:21 Tainted: G B 5.12.0-rc6-syzkaller #0 [ 240.041674][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.051759][ C1] Workqueue: phy6 
ieee80211_beacon_connection_loss_work [ 240.058742][ C1] Call Trace: [ 240.062026][ C1] [ 240.064874][ C1] dump_stack+0x24c/0x2e0 [ 240.069232][ C1] kmsan_report+0xfb/0x1e0 [ 240.073670][ C1] __msan_warning+0x5c/0xa0 [ 240.078223][ C1] ieee80211_sta_tx_notify+0x3b1/0x920 [ 240.083705][ C1] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 240.089539][ C1] ? kmsan_get_metadata+0x116/0x180 [ 240.094758][ C1] ieee80211_tx_status_ext+0x1291/0x4fa0 [ 240.100432][ C1] ieee80211_tx_status+0x221/0x270 [ 240.105582][ C1] ieee80211_tasklet_handler+0x322/0x390 [ 240.111243][ C1] ? ieee80211_reconfig_filter+0x50/0x50 17:49:11 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x8, 0x5}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, 
@void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 240.116915][ C1] tasklet_action_common+0x3de/0x640 [ 240.122228][ C1] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 240.128405][ C1] ? tasklet_kill+0x210/0x210 [ 240.133116][ C1] tasklet_action+0x30/0x40 [ 240.137644][ C1] __do_softirq+0x1b9/0x715 [ 240.142182][ C1] ? idle_cpu+0x9a/0x1d0 [ 240.146459][ C1] ? __irq_exit_rcu+0x83/0x280 [ 240.151249][ C1] do_softirq+0x123/0x1c0 [ 240.155615][ C1] [ 240.158551][ C1] __local_bh_enable_ip+0xa1/0xb0 [ 240.163599][ C1] local_bh_enable+0x36/0x40 [ 240.168228][ C1] __ieee80211_tx_skb_tid_band+0x28f/0x390 [ 240.174063][ C1] ieee80211_send_nullfunc+0x59a/0x6e0 [ 240.179599][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 240.185437][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 240.190845][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 240.197546][ C1] ? ieee80211_chswitch_work+0x1470/0x1470 [ 240.203377][ C1] process_one_work+0x1219/0x1fe0 [ 240.208476][ C1] worker_thread+0x10ec/0x2340 [ 240.213267][ C1] ? kmsan_get_metadata+0x116/0x180 [ 240.218489][ C1] kthread+0x521/0x560 [ 240.222580][ C1] ? process_one_work+0x1fe0/0x1fe0 [ 240.227807][ C1] ? 
kthread_blkcg+0x110/0x110 [ 240.232591][ C1] ret_from_fork+0x1f/0x30 [ 240.237034][ C1] [ 240.239358][ C1] Uninit was created at: [ 240.243593][ C1] kmsan_internal_poison_shadow+0x5c/0xf0 [ 240.249339][ C1] kmsan_slab_alloc+0x8e/0xe0 [ 240.254046][ C1] __kmalloc_node_track_caller+0xa4f/0x1470 [ 240.259963][ C1] __alloc_skb+0x4dd/0xe90 [ 240.264397][ C1] __netdev_alloc_skb+0x45d/0x810 [ 240.269447][ C1] ieee80211_nullfunc_get+0x2b6/0x820 [ 240.274839][ C1] ieee80211_send_nullfunc+0x216/0x6e0 [ 240.280318][ C1] ieee80211_mgd_probe_ap_send+0x88d/0xb30 [ 240.286143][ C1] ieee80211_mgd_probe_ap+0x52c/0x6e0 [ 240.291533][ C1] ieee80211_beacon_connection_loss_work+0x19b/0x420 [ 240.298236][ C1] process_one_work+0x1219/0x1fe0 [ 240.303301][ C1] worker_thread+0x10ec/0x2340 [ 240.308111][ C1] kthread+0x521/0x560 [ 240.312194][ C1] ret_from_fork+0x1f/0x30 [ 240.316620][ C1] ===================================================== [ 240.531262][ T8914] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 240.656607][ T8919] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 240.667688][ T8918] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium 17:49:12 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, 
@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x44}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b={0x8, 0x6}, &(0x7f0000000300)=@mgmt_frame=@probe_response={@wo_ht={{}, {}, @device_b, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void, @void, @void, @void, @void, @void}, 0x36) nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, &(0x7f0000000380)) syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) nanosleep(&(0x7f0000000440)={0x0, 0x2faf080}, &(0x7f0000000480)) syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={@wo_ht={{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val={0x1, 0x8, [{0x2, 0x1}, {0x4, 0x1}, {0xb, 0x1}, {0x16, 0x1}, {0xc}, {0x12}, {0x18}, {0x24}]}, @void}, 0x28) [ 240.720937][ T8919] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 240.809731][ T8920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 240.996541][ T8922] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium